summaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2018-05-17 01:00:50 -0400
committerMark H Weaver <mhw@netris.org>2018-05-17 01:00:50 -0400
commit539bf8f2c071b53834829259bb3fabf0390c5dc6 (patch)
tree16672732afbf4c3f933e67ac677aa1877f6a7657 /gnu/packages/patches
parent903874328ed5e5ab766e36cee1b1a0989e8b24a9 (diff)
parent2cf8531f360ef390d3ec670cc150b106bab5eff1 (diff)
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/adb-add-libraries.patch30
-rw-r--r--gnu/packages/patches/groovy-add-exceptionutilsgenerator.patch98
-rw-r--r--gnu/packages/patches/icecat-CVE-2018-5157-and-CVE-2018-5158.patch (renamed from gnu/packages/patches/icecat-bug-1452075.patch)0
-rw-r--r--gnu/packages/patches/libutils-add-includes.patch11
-rw-r--r--gnu/packages/patches/libutils-remove-damaging-includes.patch21
-rw-r--r--gnu/packages/patches/libziparchive-add-includes.patch10
-rw-r--r--gnu/packages/patches/mupdf-CVE-2017-17858.patch111
-rw-r--r--gnu/packages/patches/mupdf-CVE-2018-1000051.patch88
-rw-r--r--gnu/packages/patches/mupdf-CVE-2018-6544.patch109
-rw-r--r--gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch27
-rw-r--r--gnu/packages/patches/myrepos-CVE-2018-7032.patch69
-rw-r--r--gnu/packages/patches/python-statsmodels-fix-tests.patch28
-rw-r--r--gnu/packages/patches/wesnoth-fix-std-bad-cast.patch67
13 files changed, 239 insertions, 430 deletions
diff --git a/gnu/packages/patches/adb-add-libraries.patch b/gnu/packages/patches/adb-add-libraries.patch
new file mode 100644
index 0000000000..b014832f62
--- /dev/null
+++ b/gnu/packages/patches/adb-add-libraries.patch
@@ -0,0 +1,30 @@
+--- a/adb/Android.mk 2018-04-25 23:23:29.527198350 +0200
++++ b/adb/Android.mk 2018-04-25 23:24:25.558632573 +0200
+@@ -226,7 +226,7 @@
+ LOCAL_SRC_FILES := test_track_devices.cpp
+ LOCAL_SANITIZE := $(adb_host_sanitize)
+ LOCAL_SHARED_LIBRARIES := libbase
+-LOCAL_STATIC_LIBRARIES := libadb libcrypto_static libcutils
++LOCAL_STATIC_LIBRARIES := libadb libbase libcrypto_static libcutils
+ LOCAL_LDLIBS += -lrt -ldl -lpthread
+ include $(BUILD_HOST_EXECUTABLE)
+ endif
+@@ -278,6 +278,7 @@
+ LOCAL_SANITIZE := $(adb_host_sanitize)
+ LOCAL_STATIC_LIBRARIES := \
+ libadb \
++ libcutils \
+ libbase \
+ libcrypto_static \
+ libdiagnose_usb \
+--- a/adb/sysdeps_test.cpp 2018-05-09 23:58:46.583163684 +0200
++++ b/adb/sysdeps_test.cpp 2018-05-09 23:56:41.356544648 +0200
+@@ -17,6 +17,8 @@
+ #include <gtest/gtest.h>
+ #include <unistd.h>
+ #include <atomic>
++#include <climits>
++#include <mutex>
+
+ #include "adb_io.h"
+ #include "sysdeps.h"
diff --git a/gnu/packages/patches/groovy-add-exceptionutilsgenerator.patch b/gnu/packages/patches/groovy-add-exceptionutilsgenerator.patch
new file mode 100644
index 0000000000..df74bdbaba
--- /dev/null
+++ b/gnu/packages/patches/groovy-add-exceptionutilsgenerator.patch
@@ -0,0 +1,98 @@
+From 3dbdc68093e90f0ef9b77b70490d8e0b1dcfbf8f Mon Sep 17 00:00:00 2001
+From: Julien Lepiller <julien@lepiller.eu>
+Date: Sun, 17 Sep 2017 21:08:45 +0200
+Subject: [PATCH] Add ExceptionUtilsGenerator.java.
+
+A gradle task (in gradle/utils.gradle) is normally used to generate an
+ExceptionUtils class. Since gradle depends on groovy, we cannot use it, so
+we copy the code from the gradle task to a new file. Running this file then
+generates the required class.
+---
+ .../codehaus/groovy/ExceptionUtilsGenerator.java | 75 ++++++++++++++++++++++
+ 1 file changed, 75 insertions(+)
+ create mode 100644 config/ant/src/org/codehaus/groovy/ExceptionUtilsGenerator.java
+
+diff --git a/config/ant/src/org/codehaus/groovy/ExceptionUtilsGenerator.java b/config/ant/src/org/codehaus/groovy/ExceptionUtilsGenerator.java
+new file mode 100644
+index 0000000..41f006d
+--- /dev/null
++++ b/config/ant/src/org/codehaus/groovy/ExceptionUtilsGenerator.java
+@@ -0,0 +1,75 @@
++package org.codehaus.groovy;
++
++import org.objectweb.asm.*;
++
++import java.io.BufferedOutputStream;
++import java.io.File;
++import java.io.FileOutputStream;
++import java.io.IOException;
++import java.util.logging.Logger;
++
++public class ExceptionUtilsGenerator implements Opcodes {
++ private final static Logger LOGGER = Logger.getLogger(ExceptionUtilsGenerator.class.getName());
++
++ public static void main(String... args) {
++ if (args==null || args.length==0) {
++ throw new IllegalArgumentException("You must specify at least one file");
++ }
++
++ ClassWriter cw = new ClassWriter(0);
++ MethodVisitor mv;
++
++ cw.visit(V1_5, ACC_PUBLIC + ACC_SUPER, "org/codehaus/groovy/runtime/ExceptionUtils", null, "java/lang/Object", null);
++
++ cw.visitSource("ExceptionUtils.java", null);
++
++ mv = cw.visitMethod(ACC_PUBLIC, "<init>", "()V", null, null);
++ mv.visitCode();
++ Label l0 = new Label();
++ mv.visitLabel(l0);
++ mv.visitLineNumber(18, l0);
++ mv.visitVarInsn(ALOAD, 0);
++ mv.visitMethodInsn(INVOKESPECIAL, "java/lang/Object", "<init>", "()V");
++ mv.visitInsn(RETURN);
++ Label l1 = new Label();
++ mv.visitLabel(l1);
++ mv.visitLocalVariable("this", "Lorg/codehaus/groovy/runtime/ExceptionUtils;", null, l0, l1, 0);
++ mv.visitMaxs(1, 1);
++ mv.visitEnd();
++
++ mv = cw.visitMethod(ACC_PUBLIC + ACC_STATIC, "sneakyThrow", "(Ljava/lang/Throwable;)V", null, null);
++ mv.visitCode();
++ Label l2 = new Label();
++ mv.visitLabel(l2);
++ mv.visitLineNumber(20, l2);
++ mv.visitVarInsn(ALOAD, 0);
++ mv.visitInsn(ATHROW);
++ Label l3 = new Label();
++ mv.visitLabel(l3);
++ mv.visitLocalVariable("e", "Ljava/lang/Throwable;", null, l2, l3, 0);
++ mv.visitMaxs(1, 1);
++ mv.visitEnd();
++
++ cw.visitEnd();
++
++ LOGGER.info("Generating ExceptionUtils");
++ byte[] bytes = cw.toByteArray();
++ for (String classFilePath : args) {
++ File classFile = new File(classFilePath);
++ if (classFile.getParentFile().exists() || classFile.getParentFile().mkdirs()) {
++ try {
++ if (classFile.exists()) {
++ classFile.delete();
++ }
++ BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(classFile));
++ bos.write(bytes);
++ bos.close();
++ } catch (IOException e) {
++ LOGGER.warning("Unable to write file "+classFile);
++ }
++ } else {
++ LOGGER.warning("Unable to create directory "+classFile.getParentFile());
++ }
++ }
++ }
++}
+--
+2.14.1
+
diff --git a/gnu/packages/patches/icecat-bug-1452075.patch b/gnu/packages/patches/icecat-CVE-2018-5157-and-CVE-2018-5158.patch
index b776640133..b776640133 100644
--- a/gnu/packages/patches/icecat-bug-1452075.patch
+++ b/gnu/packages/patches/icecat-CVE-2018-5157-and-CVE-2018-5158.patch
diff --git a/gnu/packages/patches/libutils-add-includes.patch b/gnu/packages/patches/libutils-add-includes.patch
new file mode 100644
index 0000000000..354c59b735
--- /dev/null
+++ b/gnu/packages/patches/libutils-add-includes.patch
@@ -0,0 +1,11 @@
+--- a/libutils/CallStack.cpp 2018-04-25 20:13:06.348665241 +0200
++++ b/libutils/CallStack.cpp 2018-04-25 20:13:18.360510763 +0200
+@@ -17,7 +17,7 @@
+ #define LOG_TAG "CallStack"
+
+ #include <memory>
+-
++#include <cstdlib>
+ #include <utils/CallStack.h>
+ #include <utils/Printer.h>
+ #include <utils/Errors.h>
diff --git a/gnu/packages/patches/libutils-remove-damaging-includes.patch b/gnu/packages/patches/libutils-remove-damaging-includes.patch
new file mode 100644
index 0000000000..7867dd3b80
--- /dev/null
+++ b/gnu/packages/patches/libutils-remove-damaging-includes.patch
@@ -0,0 +1,21 @@
+--- a/include/utils/StrongPointer.h 2018-04-25 18:42:34.321003602 +0200
++++ b/include/utils/StrongPointer.h 2018-04-25 18:42:42.180912201 +0200
+@@ -17,8 +17,6 @@
+ #ifndef ANDROID_STRONG_POINTER_H
+ #define ANDROID_STRONG_POINTER_H
+
+-#include <cutils/atomic.h>
+-
+ #include <stdint.h>
+ #include <sys/types.h>
+ #include <stdlib.h>
+--- a/libutils/Trace.cpp 2018-04-25 20:41:48.775049786 +0200
++++ b/libutils/Trace.cpp 2018-04-25 20:42:13.674744182 +0200
+@@ -21,5 +21,7 @@
+
+ static void traceInit()
+ {
++#if defined(__ANDROID__)
+ ::android::add_sysprop_change_callback(atrace_update_tags, 0);
++#endif
+ }
diff --git a/gnu/packages/patches/libziparchive-add-includes.patch b/gnu/packages/patches/libziparchive-add-includes.patch
new file mode 100644
index 0000000000..41137105a0
--- /dev/null
+++ b/gnu/packages/patches/libziparchive-add-includes.patch
@@ -0,0 +1,10 @@
+--- a/libziparchive/zip_writer.cc 2018-04-25 22:33:05.472674164 +0200
++++ b/libziparchive/zip_writer.cc 2018-04-25 22:33:21.296519518 +0200
+@@ -22,6 +22,7 @@
+
+ #include <sys/param.h>
+
++#include <cstring>
+ #include <cassert>
+ #include <cstdio>
+ #include <memory>
diff --git a/gnu/packages/patches/mupdf-CVE-2017-17858.patch b/gnu/packages/patches/mupdf-CVE-2017-17858.patch
deleted file mode 100644
index 66df127509..0000000000
--- a/gnu/packages/patches/mupdf-CVE-2017-17858.patch
+++ /dev/null
@@ -1,111 +0,0 @@
-Fix CVE-2017-17858:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17858
-https://bugs.ghostscript.com/show_bug.cgi?id=698819
-https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md
-
-Patch copied from upstream source repository:
-
-https://git.ghostscript.com/?p=mupdf.git;a=commit;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731
-
-From 55c3f68d638ac1263a386e0aaa004bb6e8bde731 Mon Sep 17 00:00:00 2001
-From: Sebastian Rasmussen <sebras@gmail.com>
-Date: Mon, 11 Dec 2017 14:09:15 +0100
-Subject: [PATCH] Bugs 698804/698810/698811: Keep PDF object numbers below
- limit.
-
-This ensures that:
- * xref tables with objects pointers do not grow out of bounds.
- * other readers, e.g. Adobe Acrobat can parse PDFs written by mupdf.
----
- include/mupdf/pdf/object.h | 3 +++
- source/pdf/pdf-repair.c | 5 +----
- source/pdf/pdf-xref.c | 21 ++++++++++++---------
- 3 files changed, 16 insertions(+), 13 deletions(-)
-
-diff --git a/include/mupdf/pdf/object.h b/include/mupdf/pdf/object.h
-index 21ed8595..4177112b 100644
---- a/include/mupdf/pdf/object.h
-+++ b/include/mupdf/pdf/object.h
-@@ -3,6 +3,9 @@
-
- typedef struct pdf_document_s pdf_document;
-
-+/* Defined in PDF 1.7 according to Acrobat limit. */
-+#define PDF_MAX_OBJECT_NUMBER 8388607
-+
- /*
- * Dynamic objects.
- * The same type of objects as found in PDF and PostScript.
-diff --git a/source/pdf/pdf-repair.c b/source/pdf/pdf-repair.c
-index ca149bd3..0c29758e 100644
---- a/source/pdf/pdf-repair.c
-+++ b/source/pdf/pdf-repair.c
-@@ -6,9 +6,6 @@
-
- /* Scan file for objects and reconstruct xref table */
-
--/* Define in PDF 1.7 to be 8388607, but mupdf is more lenient. */
--#define MAX_OBJECT_NUMBER (10 << 20)
--
- struct entry
- {
- int num;
-@@ -436,7 +433,7 @@ pdf_repair_xref(fz_context *ctx, pdf_document *doc)
- break;
- }
-
-- if (num <= 0 || num > MAX_OBJECT_NUMBER)
-+ if (num <= 0 || num > PDF_MAX_OBJECT_NUMBER)
- {
- fz_warn(ctx, "ignoring object with invalid object number (%d %d R)", num, gen);
- goto have_next_token;
-diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c
-index 00586dbd..6284e70b 100644
---- a/source/pdf/pdf-xref.c
-+++ b/source/pdf/pdf-xref.c
-@@ -868,11 +868,12 @@ pdf_read_old_xref(fz_context *ctx, pdf_document *doc, pdf_lexbuf *buf)
- fz_seek(ctx, file, -(2 + (int)strlen(s)), SEEK_CUR);
- }
-
-- if (ofs < 0)
-- fz_throw(ctx, FZ_ERROR_GENERIC, "out of range object num in xref: %d", (int)ofs);
-- if (ofs > INT64_MAX - len)
-- fz_throw(ctx, FZ_ERROR_GENERIC, "xref section object numbers too big");
--
-+ if (ofs < 0 || ofs > PDF_MAX_OBJECT_NUMBER
-+ || len < 0 || len > PDF_MAX_OBJECT_NUMBER
-+ || ofs + len - 1 > PDF_MAX_OBJECT_NUMBER)
-+ {
-+ fz_throw(ctx, FZ_ERROR_GENERIC, "xref subsection object numbers are out of range");
-+ }
- /* broken pdfs where size in trailer undershoots entries in xref sections */
- if (ofs + len > xref_len)
- {
-@@ -933,10 +934,8 @@ pdf_read_new_xref_section(fz_context *ctx, pdf_document *doc, fz_stream *stm, in
- pdf_xref_entry *table;
- int i, n;
-
-- if (i0 < 0 || i1 < 0 || i0 > INT_MAX - i1)
-- fz_throw(ctx, FZ_ERROR_GENERIC, "negative xref stream entry index");
-- //if (i0 + i1 > pdf_xref_len(ctx, doc))
-- // fz_throw(ctx, FZ_ERROR_GENERIC, "xref stream has too many entries");
-+ if (i0 < 0 || i0 > PDF_MAX_OBJECT_NUMBER || i1 < 0 || i1 > PDF_MAX_OBJECT_NUMBER || i0 + i1 - 1 > PDF_MAX_OBJECT_NUMBER)
-+ fz_throw(ctx, FZ_ERROR_GENERIC, "xref subsection object numbers are out of range");
-
- table = pdf_xref_find_subsection(ctx, doc, i0, i1);
- for (i = i0; i < i0 + i1; i++)
-@@ -2086,6 +2085,10 @@ pdf_create_object(fz_context *ctx, pdf_document *doc)
- /* TODO: reuse free object slots by properly linking free object chains in the ofs field */
- pdf_xref_entry *entry;
- int num = pdf_xref_len(ctx, doc);
-+
-+ if (num > PDF_MAX_OBJECT_NUMBER)
-+ fz_throw(ctx, FZ_ERROR_GENERIC, "too many objects stored in pdf");
-+
- entry = pdf_get_incremental_xref_entry(ctx, doc, num);
- entry->type = 'f';
- entry->ofs = -1;
---
-2.16.1
-
diff --git a/gnu/packages/patches/mupdf-CVE-2018-1000051.patch b/gnu/packages/patches/mupdf-CVE-2018-1000051.patch
deleted file mode 100644
index bb78c46f80..0000000000
--- a/gnu/packages/patches/mupdf-CVE-2018-1000051.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-Fix CVE-2018-1000051:
-
-https://bugs.ghostscript.com/show_bug.cgi?id=698873
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000051
-
-Patch copied from upstream source repository:
-
-https://git.ghostscript.com/?p=mupdf.git;a=commit;h=321ba1de287016b0036bf4a56ce774ad11763384
-
-From 321ba1de287016b0036bf4a56ce774ad11763384 Mon Sep 17 00:00:00 2001
-From: Sebastian Rasmussen <sebras@gmail.com>
-Date: Tue, 19 Dec 2017 23:47:47 +0100
-Subject: [PATCH] Bug 698825: Do not drop borrowed colorspaces.
-
-Previously the borrowed colorspace was dropped when updating annotation
-appearances, leading to use after free warnings from valgrind/ASAN.
----
- source/pdf/pdf-appearance.c | 8 ++------
- 1 file changed, 2 insertions(+), 6 deletions(-)
-
-diff --git a/source/pdf/pdf-appearance.c b/source/pdf/pdf-appearance.c
-index 70f684f4..d7a1dddd 100644
---- a/source/pdf/pdf-appearance.c
-+++ b/source/pdf/pdf-appearance.c
-@@ -2170,7 +2170,6 @@ void pdf_update_free_text_annot_appearance(fz_context *ctx, pdf_document *doc, p
- fz_device *dev = NULL;
- font_info font_rec;
- fz_text *text = NULL;
-- fz_colorspace *cs = NULL;
- fz_matrix page_ctm;
-
- pdf_page_transform(ctx, annot->page, NULL, &page_ctm);
-@@ -2184,11 +2183,11 @@ void pdf_update_free_text_annot_appearance(fz_context *ctx, pdf_document *doc, p
- fz_var(dlist);
- fz_var(dev);
- fz_var(text);
-- fz_var(cs);
- fz_try(ctx)
- {
- char *contents = pdf_to_str_buf(ctx, pdf_dict_get(ctx, obj, PDF_NAME_Contents));
- char *da = pdf_to_str_buf(ctx, pdf_dict_get(ctx, obj, PDF_NAME_DA));
-+ fz_colorspace *cs;
- fz_point pos;
- fz_rect rect;
-
-@@ -2223,7 +2222,6 @@ void pdf_update_free_text_annot_appearance(fz_context *ctx, pdf_document *doc, p
- fz_drop_display_list(ctx, dlist);
- font_info_fin(ctx, &font_rec);
- fz_drop_text(ctx, text);
-- fz_drop_colorspace(ctx, cs);
- }
- fz_catch(ctx)
- {
-@@ -2359,7 +2357,6 @@ void pdf_set_signature_appearance(fz_context *ctx, pdf_document *doc, pdf_annot
- fz_device *dev = NULL;
- font_info font_rec;
- fz_text *text = NULL;
-- fz_colorspace *cs = NULL;
- fz_path *path = NULL;
- fz_buffer *fzbuf = NULL;
- fz_matrix page_ctm;
-@@ -2375,7 +2372,6 @@ void pdf_set_signature_appearance(fz_context *ctx, pdf_document *doc, pdf_annot
- fz_var(dlist);
- fz_var(dev);
- fz_var(text);
-- fz_var(cs);
- fz_var(fzbuf);
- fz_try(ctx)
- {
-@@ -2384,6 +2380,7 @@ void pdf_set_signature_appearance(fz_context *ctx, pdf_document *doc, pdf_annot
- fz_rect logo_bounds;
- fz_matrix logo_tm;
- fz_rect rect;
-+ fz_colorspace *cs = fz_device_rgb(ctx); /* Borrowed reference */
-
- pdf_to_rect(ctx, pdf_dict_get(ctx, annot->obj, PDF_NAME_Rect), &annot_rect);
- rect = annot_rect;
-@@ -2396,7 +2393,6 @@ void pdf_set_signature_appearance(fz_context *ctx, pdf_document *doc, pdf_annot
- fz_bound_path(ctx, path, NULL, &fz_identity, &logo_bounds);
- center_rect_within_rect(&logo_bounds, &rect, &logo_tm);
- fz_concat(&logo_tm, &logo_tm, &page_ctm);
-- cs = fz_device_rgb(ctx); /* Borrowed reference */
- fz_fill_path(ctx, dev, path, 0, &logo_tm, cs, logo_color, 1.0f, NULL);
-
- get_font_info(ctx, doc, dr, da, &font_rec);
---
-2.16.3
-
diff --git a/gnu/packages/patches/mupdf-CVE-2018-6544.patch b/gnu/packages/patches/mupdf-CVE-2018-6544.patch
deleted file mode 100644
index b2c8f849f3..0000000000
--- a/gnu/packages/patches/mupdf-CVE-2018-6544.patch
+++ /dev/null
@@ -1,109 +0,0 @@
-Fix CVE-2018-6544:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6544
-https://bugs.ghostscript.com/show_bug.cgi?id=698830
-https://bugs.ghostscript.com/show_bug.cgi?id=698965
-
-Patches copied from upstream source repository:
-
-https://git.ghostscript.com/?p=mupdf.git;h=26527eef77b3e51c2258c8e40845bfbc015e405d
-https://git.ghostscript.com/?p=mupdf.git;h=b03def134988da8c800adac1a38a41a1f09a1d89
-
-From b03def134988da8c800adac1a38a41a1f09a1d89 Mon Sep 17 00:00:00 2001
-From: Sebastian Rasmussen <sebras@gmail.com>
-Date: Thu, 1 Feb 2018 16:36:14 +0100
-Subject: [PATCH] Bug 698830: Avoid recursion when loading object streams
- objects.
-
-If there were indirect references in the object stream dictionary and
-one of those indirect references referred to an object inside the object
-stream itself, mupdf would previously enter recursion only bounded by the
-exception stack. After this commit the object stream is checked if it is
-marked immediately after being loaded. If it is marked then we terminate
-the recursion at this point, if it is not marked then mark it and
-attempt to load the desired object within. We also take care to unmark
-the stream object when done or upon exception.
----
- source/pdf/pdf-xref.c | 14 ++++++++++++++
- 1 file changed, 14 insertions(+)
-
-diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c
-index 723b543c..ed09094c 100644
---- a/source/pdf/pdf-xref.c
-+++ b/source/pdf/pdf-xref.c
-@@ -1576,6 +1576,19 @@ pdf_load_obj_stm(fz_context *ctx, pdf_document *doc, int num, pdf_lexbuf *buf, i
- {
- objstm = pdf_load_object(ctx, doc, num);
-
-+ if (pdf_obj_marked(ctx, objstm))
-+ fz_throw(ctx, FZ_ERROR_GENERIC, "recursive object stream lookup");
-+ }
-+ fz_catch(ctx)
-+ {
-+ pdf_drop_obj(ctx, objstm);
-+ fz_rethrow(ctx);
-+ }
-+
-+ fz_try(ctx)
-+ {
-+ pdf_mark_obj(ctx, objstm);
-+
- count = pdf_to_int(ctx, pdf_dict_get(ctx, objstm, PDF_NAME_N));
- first = pdf_to_int(ctx, pdf_dict_get(ctx, objstm, PDF_NAME_First));
-
-@@ -1655,6 +1668,7 @@ pdf_load_obj_stm(fz_context *ctx, pdf_document *doc, int num, pdf_lexbuf *buf, i
- fz_drop_stream(ctx, stm);
- fz_free(ctx, ofsbuf);
- fz_free(ctx, numbuf);
-+ pdf_unmark_obj(ctx, objstm);
- pdf_drop_obj(ctx, objstm);
- }
- fz_catch(ctx)
---
-2.16.3
-
-From 26527eef77b3e51c2258c8e40845bfbc015e405d Mon Sep 17 00:00:00 2001
-From: Sebastian Rasmussen <sebras@gmail.com>
-Date: Mon, 29 Jan 2018 02:00:48 +0100
-Subject: [PATCH] Bug 698830: Don't drop unkept stream if running out of error
- stack.
-
-Under normal conditions where fz_keep_stream() is called inside
-fz_try() we may call fz_drop_stream() in fz_catch() upon exceptions.
-The issue comes when fz_keep_stream() has not yet been called but is
-dropped in fz_catch(). This happens in the PDF from the bug when
-fz_try() runs out of exception stack, and next the code in fz_catch()
-runs, dropping the caller's reference to the filter chain stream!
-
-The simplest way of fixing this it to always keep the filter chain
-stream before fz_try() is called. That way fz_catch() may drop the
-stream whether an exception has occurred or if the fz_try() ran out of
-exception stack.
----
- source/pdf/pdf-stream.c | 5 ++---
- 1 file changed, 2 insertions(+), 3 deletions(-)
-
-diff --git a/source/pdf/pdf-stream.c b/source/pdf/pdf-stream.c
-index c89da5c4..c6ba7ad3 100644
---- a/source/pdf/pdf-stream.c
-+++ b/source/pdf/pdf-stream.c
-@@ -303,14 +303,13 @@ pdf_open_raw_filter(fz_context *ctx, fz_stream *chain, pdf_document *doc, pdf_ob
- *orig_gen = 0;
- }
-
-- fz_var(chain);
-+ chain = fz_keep_stream(ctx, chain);
-
- fz_try(ctx)
- {
- len = pdf_to_int(ctx, pdf_dict_get(ctx, stmobj, PDF_NAME_Length));
-
-- /* don't close chain when we close this filter */
-- chain2 = fz_keep_stream(ctx, chain);
-+ chain2 = chain;
- chain = NULL;
- chain = fz_open_null(ctx, chain2, len, offset);
-
---
-2.16.3
-
diff --git a/gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch b/gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch
deleted file mode 100644
index d5c9c60242..0000000000
--- a/gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-Make it possible to build MuPDF with OpenJPEG 2.3, which is the latest
-release series and contains many important bug fixes.
-
-Patch adapted from Debian:
-
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745246
-
-And related to this upstream commit:
-
-http://git.ghostscript.com/?p=mupdf.git;a=commit;h=f88bfe2e62dbadb96d4f52d7aa025f0a516078da
-
-diff --git a/source/fitz/load-jpx.c b/source/fitz/load-jpx.c
-index 65699ba..ea84778 100644
---- a/source/fitz/load-jpx.c
-+++ b/source/fitz/load-jpx.c
-@@ -445,11 +445,6 @@ fz_load_jpx_info(fz_context *ctx, const unsigned char *data, size_t size, int *w
-
- #else /* HAVE_LURATECH */
-
--#define OPJ_STATIC
--#define OPJ_HAVE_INTTYPES_H
--#if !defined(_MSC_VER) || _MSC_VER >= 1600
--#define OPJ_HAVE_STDINT_H
--#endif
- #define USE_JPIP
-
- #include <openjpeg.h>
diff --git a/gnu/packages/patches/myrepos-CVE-2018-7032.patch b/gnu/packages/patches/myrepos-CVE-2018-7032.patch
new file mode 100644
index 0000000000..ce9493e5f9
--- /dev/null
+++ b/gnu/packages/patches/myrepos-CVE-2018-7032.patch
@@ -0,0 +1,69 @@
+http://source.myrepos.branchable.com/?p=source.git;a=patch;h=40a3df21c73f1bb1b6915cc6fa503f50814664c8
+This can be removed with the next release. It was modified slightly to apply
+
+From 40a3df21c73f1bb1b6915cc6fa503f50814664c8 Mon Sep 17 00:00:00 2001
+From: Paul Wise <pabs3@bonedaddy.net>
+Date: Sun, 11 Feb 2018 21:57:49 +0800
+Subject: [PATCH] Mitigate vulnerabilities caused by some git remotes being
+ able to execute code
+
+Set GIT_PROTOCOL_FROM_USER=0 with git versions newer than 2.12.
+
+Prevent remote websites from causing cloning of local repositories.
+
+Manually whitelist known-safe protocols (http, https, git, ssh)
+when using git versions older than 2.12.
+
+Fixes: CVE-2018-7032
+Fixes: https://bugs.debian.org/840014
+Suggestions-by: Jakub Wilk <jwilk@jwilk.net>
+Reported-by: Jakub Wilk <jwilk@jwilk.net>
+---
+ webcheckout | 22 +++++++++++++++++++++-
+ 1 file changed, 21 insertions(+), 1 deletion(-)
+
+diff --git a/webcheckout b/webcheckout
+index e98da5c..de497ba 100755
+--- a/webcheckout
++++ b/webcheckout
+@@ -71,6 +71,16 @@ use Getopt::Long;
+ use warnings;
+ use strict;
+
++# Mitigate some git remote types being dangerous
++my $git_unsafe = 1;
++my $git_version = `git --version`;
++$git_version =~ s{^git version }{};
++my ($major, $minor) = split(/\./, $git_version);
++if (int($major) >= 2 && int($minor) >= 12) {
++ $ENV{GIT_PROTOCOL_FROM_USER} = 0;
++ $git_unsafe = 0;
++}
++
+ # What to download.
+ my $url;
+
+@@ -89,7 +99,17 @@ my $destdir;
+
+ # how to perform checkouts
+ my %handlers=(
+- git => sub { doit("git", "clone", shift, $destdir) },
+- svn => sub { doit("svn", "checkout", shift, $destdir) },
+- bzr => sub { doit("bzr", "branch", shift, $destdir) },
++ git => sub {
++ my $git_url = shift;
++ # Reject unsafe URLs with older versions of git
++ # that do not already check the URL safety.
++ if ($git_unsafe && $git_url !~ m{^(?:(?:https?|git|ssh):[^:]|(?:[-_.A-Za-z0-9]+@)?[-_.A-Za-z0-9]+:(?!:|//))}) {
++ print STDERR "potentially unsafe git URL, may fail, touch local files or execute arbitrary code\n";
++ return 1;
++ }
++ # Reject cloning local directories too, webcheckout is for remote repos
++ doit(qw(git -c protocol.file.allow=user clone --), $git_url, $destdir)
++ },
++ svn => sub { doit(qw(svn checkout --), shift, $destdir) },
++ bzr => sub { doit(qw(bzr branch --), shift, $destdir) },
+ );
+--
+2.11.0
+
diff --git a/gnu/packages/patches/python-statsmodels-fix-tests.patch b/gnu/packages/patches/python-statsmodels-fix-tests.patch
deleted file mode 100644
index f910b4b5a5..0000000000
--- a/gnu/packages/patches/python-statsmodels-fix-tests.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-This drops a test that fails with numpy 1.12.
-
-Upstream bug URL: https://github.com/statsmodels/statsmodels/issues/3541
-
---- a/statsmodels/discrete/tests/test_discrete.py 2017-03-06 15:29:19.947343331 +0000
-+++ b/statsmodels/discrete/tests/test_discrete.py 2017-03-06 15:29:37.759328845 +0000
-@@ -1329,21 +1329,6 @@
- res = mod.fit(start_params=-np.ones(4), method='newton', disp=0)
- assert_(not res.mle_retvals['converged'])
-
--def test_issue_339():
-- # make sure MNLogit summary works for J != K.
-- data = sm.datasets.anes96.load()
-- exog = data.exog
-- # leave out last exog column
-- exog = exog[:,:-1]
-- exog = sm.add_constant(exog, prepend=True)
-- res1 = sm.MNLogit(data.endog, exog).fit(method="newton", disp=0)
-- # strip the header from the test
-- smry = "\n".join(res1.summary().as_text().split('\n')[9:])
-- cur_dir = os.path.dirname(os.path.abspath(__file__))
-- test_case_file = os.path.join(cur_dir, 'results', 'mn_logit_summary.txt')
-- test_case = open(test_case_file, 'r').read()
-- np.testing.assert_equal(smry, test_case[:-1])
--
- def test_issue_341():
- data = sm.datasets.anes96.load()
- exog = data.exog
diff --git a/gnu/packages/patches/wesnoth-fix-std-bad-cast.patch b/gnu/packages/patches/wesnoth-fix-std-bad-cast.patch
deleted file mode 100644
index 18328ed018..0000000000
--- a/gnu/packages/patches/wesnoth-fix-std-bad-cast.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From 18e5ea50a7136cb3686c5a7c51c111ccce73dc54 Mon Sep 17 00:00:00 2001
-From: Iris Morelle <shadowm@wesnoth.org>
-Date: Sun, 6 May 2018 16:10:42 -0300
-Subject: [PATCH] i18n: Blind fix attempt for std::bad_cast being thrown on
- Windows
-
-Several reports on Steam and our forums point at std::bad_cast being
-thrown when accessing Preferences and the Multiplayer menu amongst
-others. It's possible that the locale configuration on those systems is
-not quite right, and compare() and icompare() are able to throw
-std::bad_cast when this happens as they both use std::use_facet().
-
-Note that much like the macOS/iOS version of icompare(), this stopgap
-patch doesn't attempt to provide any form of case-insensitive fallback
-and just uses a case-sensitive comparison instead.
----
- src/gettext_boost.cpp | 29 +++++++++++++++++++++++++++--
- 1 file changed, 27 insertions(+), 2 deletions(-)
-
-diff --git a/src/gettext_boost.cpp b/src/gettext_boost.cpp
-index 3cc7690d5ef..fb04ffeea90 100644
---- a/src/gettext_boost.cpp
-+++ b/src/gettext_boost.cpp
-@@ -423,7 +423,19 @@ void set_language(const std::string& language, const std::vector<std::string>* /
- int compare(const std::string& s1, const std::string& s2)
- {
- std::lock_guard<std::mutex> lock(get_mutex());
-- return std::use_facet<std::collate<char>>(get_manager().get_locale()).compare(s1.c_str(), s1.c_str() + s1.size(), s2.c_str(), s2.c_str() + s2.size());
-+
-+ try {
-+ return std::use_facet<std::collate<char>>(get_manager().get_locale()).compare(s1.c_str(), s1.c_str() + s1.size(), s2.c_str(), s2.c_str() + s2.size());
-+ } catch(const std::bad_cast&) {
-+ static bool bad_cast_once = false;
-+
-+ if(!bad_cast_once) {
-+ ERR_G << "locale set-up for compare() is broken, falling back to std::string::compare()\n";
-+ bad_cast_once = true;
-+ }
-+
-+ return s1.compare(s2);
-+ }
- }
-
- int icompare(const std::string& s1, const std::string& s2)
-@@ -433,8 +445,21 @@ int icompare(const std::string& s1, const std::string& s2)
- return compare(s1, s2);
- #else
- std::lock_guard<std::mutex> lock(get_mutex());
-- return std::use_facet<bl::collator<char>>(get_manager().get_locale()).compare(
-+
-+ try {
-+ return std::use_facet<bl::collator<char>>(get_manager().get_locale()).compare(
- bl::collator_base::secondary, s1, s2);
-+ } catch(const std::bad_cast&) {
-+ static bool bad_cast_once = false;
-+
-+ if(!bad_cast_once) {
-+ ERR_G << "locale set-up for icompare() is broken, falling back to std::string::compare()\n";
-+ bad_cast_once = true;
-+ }
-+
-+ // FIXME: not even lazily case-insensitive
-+ return s1.compare(s2);
-+ }
- #endif
- }
-